ReportizFlow
Filtered by vendor
Subscriptions
Total
29885 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-3269 | 1 Thorcms | 1 Thorcms | 2025-04-03 | N/A |
| PHP remote file inclusion vulnerability in includes/functions_cms.php in THoRCMS 1.3.1 allows remote attackers to execute arbitrary PHP code via the phpbb_root_path parameter. | ||||
| CVE-2000-0228 | 1 Microsoft | 1 Windows Media Rights Manager | 2025-04-03 | N/A |
| Microsoft Windows Media License Manager allows remote attackers to cause a denial of service by sending a malformed request that causes the manager to halt, aka the "Malformed Media License Request" Vulnerability. | ||||
| CVE-2006-3292 | 1 Jaws | 1 Jaws | 2025-04-03 | N/A |
| SQL injection vulnerability in the Search gadget in Jaws 0.6.2 allows remote attackers to execute arbitrary SQL commands via queries with the "LIKE" keyword in the searchdata parameter (search field). | ||||
| CVE-2000-0248 | 1 Redhat | 1 Linux | 2025-04-03 | N/A |
| The web GUI for the Linux Virtual Server (LVS) software in the Red Hat Linux Piranha package has a backdoor password that allows remote attackers to execute arbitrary commands. | ||||
| CVE-2000-0264 | 1 Panda | 1 Panda Security | 2025-04-03 | N/A |
| Panda Security 3.0 with registry editing disabled allows users to edit the registry and gain privileges by directly executing a .reg file or using other methods. | ||||
| CVE-2006-3321 | 1 2enetworx | 1 Openforum | 2025-04-03 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in openforum.asp in OpenForum 1.2 Beta and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) ofdisp and (2) ofmsgid parameters. | ||||
| CVE-2006-3330 | 1 Deltascripts | 1 Php Classifieds | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in AddAsset1.php in PHP/MySQL Classifieds (PHP Classifieds) allows remote attackers to execute arbitrary SQL commands via the (1) ProductName ("Title" field), (2) url, and (3) Description parameters, possibly related to issues in add1.php. | ||||
| CVE-2000-0286 | 1 Redhat | 1 Linux | 2025-04-03 | N/A |
| X fontserver xfs allows local users to cause a denial of service via malformed input to the server. | ||||
| CVE-2006-3342 | 1 Olate | 1 Arctic | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Arctic 1.0.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the query parameter in a search cmd. | ||||
| CVE-2006-3402 | 1 Virtuastore | 1 Virtuastore | 2025-04-03 | N/A |
| SQL injection vulnerability in VirtuaStore 2.0 allows remote attackers to execute arbitrary SQL commands via the password parameter when logging in. | ||||
| CVE-2006-3391 | 1 Imbc | 1 Imbccontents Activex Control | 2025-04-03 | N/A |
| The Execute function in iMBCContents ActiveX Control before 2.0.0.59 allows remote attackers to execute arbitrary files via the file URI handler. | ||||
| CVE-2006-3414 | 1 Tor | 1 Tor | 2025-04-03 | N/A |
| Tor before 0.1.1.20 supports server descriptors that contain hostnames instead of IP addresses, which allows remote attackers to arbitrarily group users by providing preferential address resolution. | ||||
| CVE-2006-3419 | 1 Tor | 1 Tor | 2025-04-03 | N/A |
| Tor before 0.1.1.20 uses OpenSSL pseudo-random bytes (RAND_pseudo_bytes) instead of cryptographically strong RAND_bytes, and seeds the entropy value at start-up with 160-bit chunks without reseeding, which makes it easier for attackers to conduct brute force guessing attacks. | ||||
| CVE-2006-3417 | 1 Tor | 1 Tor | 2025-04-03 | N/A |
| Tor client before 0.1.1.20 prefers entry points based on is_fast or is_stable flags, which could allow remote attackers to be preferred over nodes that are identified as more trustworthy "entry guard" (is_guard) systems by directory authorities. | ||||
| CVE-2006-3418 | 1 Tor | 1 Tor | 2025-04-03 | N/A |
| Tor before 0.1.1.20 does not validate that a server descriptor's fingerprint line matches its identity key, which allows remote attackers to spoof the fingerprint line, which might be trusted by users or other applications. | ||||
| CVE-2000-0317 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | N/A |
| Buffer overflow in Solaris 7 lpset allows local users to gain root privileges via a long -r option. | ||||
| CVE-2005-3641 | 1 Oracle | 5 Database Server, Database Server Lite, Oracle10g and 2 more | 2025-04-03 | N/A |
| Oracle Databases running on Windows XP with Simple File Sharing enabled, allows remote attackers to bypass authentication by supplying a valid username. | ||||
| CVE-2005-3648 | 1 Moodle | 1 Moodle | 2025-04-03 | N/A |
| Multiple SQL injection vulnerabilities in the get_record function in datalib.php in Moodle 1.5.2 allow remote attackers to execute arbitrary SQL commands via the id parameter in (1) category.php and (2) info.php. | ||||
| CVE-2006-3476 | 1 Phpwebgallery | 1 Phpwebgallery | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in comments.php in PhpWebGallery 1.5.2 and earlier, and possibly 1.6.0, allows remote attackers to inject arbitrary web script or HTML via the keyword parameter. | ||||
| CVE-2005-3649 | 1 Moodle | 1 Moodle | 2025-04-03 | N/A |
| jumpto.php in Moodle 1.5.2 allows remote attackers to redirect users to other sites via the jump parameter. | ||||